Representatives for the Dallas-based company are saying it was a highly sophisticated group. The attackers gave the software a name almost identical to the one the company was already using, which would often trip hundreds of daily security alerts.
Atlanta high tech crimes expert Gregory Adams isn’t surprised that hackers raided the credit card system at Neiman Marcus.
“I guarantee you now, another major retailer is being hacked into as we speak,” Adams said.
From July through October of 2013, hackers stole credit card numbers from nearly 350,000 customers.
“This is all Neiman Marcus’ fault – their IT department,” Evans said.
Evans said that cyber criminals are all around us. It can often take them months of research to get what they want. Despite the breach at Neiman Marcus, the Atlanta store continues to have its steady stream of loyal shoppers.
Evans reminds shoppers to always closely check credit card statements.
“Don’t just look at the balance — look at all of the charges on there,” Evans said. “You want to look for the little charges.”
Security investigators said that the hackers used different tools and different strategies than Target hackers. They don’t believe the two attacks are related.
ATLANTA — Computers are always hot holiday gifts. But before you trade in the old for the new, make sure you’re not leaving a gift for identity thieves.
Many people give their old computers and laptops away to friends or charity. They move their files and pictures to the trash bin and hit delete. But security experts will tell you that is not enough to protect your personal information.
11Alive’s Rebecca Lindstrom spent a day buying laptops from dealers, parents and college kids looking to make some extra cash. We then gave them to security expert Gregory Evans with Hi-Tech Crime Solutions.
He showed how easy it was to retrieve data using common hacker tools, much of it downloaded from the internet free.
On one laptop we found thousands of family photos. It wasn’t the person we bought it from, but a previous owner. Within 30 minutes we had enough information to send her a message on twitter, and Facebook. We were also able to figure out where she lived and at least one place she had worked.
The woman, who we’ll call Brittany to protect her real identity, lives in Atlanta.
“It’s not a good feeling,” said Brittany.
When we told her what we’d found, she was creeped out, but not necessarily concerned, until we reminded her of what we found in the photos.
“It’s actually her foot prints, it’s got her name, date of birth. I could steal her identity if I were a thief,” said Lindstrom, detailing some of the information found in the photos of when her baby girl was born.
“It’s so innocent. I didn’t think about that,” said Brittany.
It’s also innocent to sync your phone with your computer. But if you don’t delete the data, we found it was pretty easy to attach another phone to the laptop and download the backup file. Once complete, we had the person’s emails, text messages, passwords and contact list.
Another trouble spot is web history.
“They can find out where you bank, where you go to school,” said Evans.
That’s why Evan says you should never let the computer save your passwords.
“It automatically fills in your name, your password is covered. You just click login and it logs you in,” he explained.
Evans says the only person who actually managed to remove all of his data was a student from Kennesaw State University. When we bought his laptop he told me he had deleted his data and restored the computer to its original settings.
“When he reinstalled the operating system from scratch, he erased all the data, the formatting, everything,” explained Evans.
Evan says if you plan to throw the laptop away destroy the hard drive.
If you want to sell or give it away, reinstall the operating system, or download a program that overwrites and corrupts the data. Many of the programs are free. A perfect price for peace of mind.
ATLANTA — An Atlanta film company may be the next victim of a cyber-hack that has shut down its website, www.AtlantaFilmWorks.com.
“I thought people in the entertainment industry in Atlanta should be wary right now,” studio owner Mark Henderson said.
His company rents studio space for film and television. Right now, the hanger is being used by the crew making season two of an AMC show called “Halt and Catch Fire.”
But if you visit the Atlanta Film Works website, instead of its usual film promotion, you’ll see a blatant hack. It links to a mysterious Facebook page where users post complains about being locked out from their websites.
Henderson says he uses the website to promote his company. He says there was no data stolen, but he’s not sure how to reset the website.
“I’ve been hearing about the Sony hacks, so I could see them hitting entertainment industries and that’s what we’re in,” he said.
Computer security consultant Gregory Evans believes it could be a copycat attack after Sony Pictures was hacked. Evans believes all Atlanta film companies may be at risk
“Oh, all film companies are at risk, especially ones here in Atlanta. The smaller ones, it’s very easy to hack them,” Evans said. “What hackers will do is they’ll use it for practice. Or now since the Sony hack, people are Googling film companies. They want to see what else is out there they can hack in to.”
ATLANTA (WXIA) — President Barack Obama signed an executive order Friday that hit North Korea with more sanctions. It was in response to what the US says is the rogue nation’s role in a cyber-attack on Sony Pictures Entertainment.
The White House says this is just the first part of the US response to the Sony incident. But one security expert in Atlanta is joining the chorus of those who say North Korea is not responsible for the attack.
“Everything pointed to an inside job,” said Gregory Evans. “Nothing pointed to North Korea.”
Evans is a hacker-turned-cyber-security expert. He says that from day one there was something about the Sony hack that smelled like an inside job.
“In order for them to have hacked in they would have had to know where those servers were, and they went undetected,” said Evans. “How in the world, when you have 1000 people working in your IT department, can someone hack in, hit all three servers, and go undetected. That’s like someone living in your house a whole month or two months and go undetected. You and your family don’t see this guy walking around your house.”
Evans says North Korea is notorious for a lot of things but hacking like a super-power is not one of them.
“They don’t even have a good bandwidth in their country; that’s why it was very easy a week ago to knock their internet offline. A group of hackers could’ve done that.”
Meanwhile, the FBI and the White House are standing by their accusation that North Korea was to blame for the Sony attacks. But Evans insists that’s because they have no choice.
“They can’t go back now after blaming North Korea, having given this information to the President and the President going out saying it was North Korea. They can’t go back and say ‘…oops, we messed up.’ So they have to stick to their lie.”
“And just remember this: (The FBI) wanted you to believe that they cracked the case in less than two weeks; but they still haven’t told you who hacked Target a year ago or Home Depot eight months ago. They still haven’t told you that.”
Evans also does not believe that North Korea “hired out” the job to cyber subcontractors. But either way, trying to verify whoever it was is going to be close to impossible. Even those who take credit for such attacks.
Both planes were searched and no explosives were found.
The FBI tells said it’s up to the airlines to determine if a threat is credible, whether It comes from social media or elsewhere. In Saturday’s case, both bomb threats were deemed credible and that’s why the FBI was called in to investigate.
Cyber attack expert Gregory Evans believes the FBI knows who is behind KingZortic, the username responsible for the threats.
“Right now we are focusing on who it was, where it was and how we can best lay hands on them,” said FBI Special Agent Stephen Emmett.
The FBI says the person responsible for the threats could face serious federal charges, such as conspiracy to destroy an aircraft.
“I have the utmost confidence in our investigators, that work these problems,” Evans said. “They are very good at it, and they have a lot of tools needed for this investigation.”
Airline officials said whether the threats are a hoax or real, whoever did it should be held responsible.
ATLANTA — In 2015, hacking is more than the just the cyber espionage you hear about with Sony and Home Depot. Everyday people are hiring hackers.
Now it’s easier than ever.
Sometimes it’s legal and sometimes it’s not.
“When you have situations like blackmail, or you’re being cyber extorted, or someone’s hacked into your corporate network and shutdown your website you need people like us,” said Hacker for Hire founder Greg Evans.
After spending years on the criminal side of cyberspace, he’s now exclusively a hacker for legitimate purposes. However, he admits he’s received plenty of illegal requests. Several people ask him to hack into the credit bureaus or prison systems to clean up their records.
“Around March, we’ll start getting a lot of people that ask, can you change my grades,” Evans said.
While Evans won’t take those jobs, there are plenty of hackers willing to lend their services. Their legality, however, is questionable.
Browsing hacker websites, where hackers sell their services like craisglist, you’ll find plenty of illegal requests.
One person is offering $500 for every Gmail account someone can hack into. Another wants someone to hack into their “cheating husband’s” password. There’s even a request to hack into the DMV.
“That is illegal. If they find out, then you’re going to jail,” Evans said.
So if you’re going to hire a hacker, stick with the legal reasons.